EP2211270B1 - Methods and systems for testing stateful network communications devices - Google Patents

Methods and systems for testing stateful network communications devices Download PDF

Info

Publication number
EP2211270B1
EP2211270B1 EP10160013.8A EP10160013A EP2211270B1 EP 2211270 B1 EP2211270 B1 EP 2211270B1 EP 10160013 A EP10160013 A EP 10160013A EP 2211270 B1 EP2211270 B1 EP 2211270B1
Authority
EP
European Patent Office
Prior art keywords
packet
stateless
test
packets
tcp
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
EP10160013.8A
Other languages
German (de)
French (fr)
Other versions
EP2211270A2 (en
EP2211270A3 (en
Inventor
Clifford L. Hannel
Douglas E. Schafer
Errol Ginsberg
Gerald R. Pepper
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ixia
Original Assignee
Ixia
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ixia filed Critical Ixia
Publication of EP2211270A2 publication Critical patent/EP2211270A2/en
Publication of EP2211270A3 publication Critical patent/EP2211270A3/en
Application granted granted Critical
Publication of EP2211270B1 publication Critical patent/EP2211270B1/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/50Testing arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1004Server selection for load balancing
    • H04L67/1008Server selection for load balancing based on parameters of servers, e.g. available memory or workload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1029Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers using data related to the state of servers by a load balancer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/161Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/163In-band adaptation of TCP data exchange; In-band control procedures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/10015Access to distributed or replicated servers, e.g. using brokers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]

Definitions

  • the present invention relates to methods and systems for testing a stateful network communications devices and to a stateless packet processor.
  • US 6,295 557 describes an apparatus for simulating internet traffic.
  • a producer thread generates a large number of TCP connections and places data in the TCP resend buffer without blocking, waiting for data to be sent, or checking for a response from the TCP channel.
  • a limited number of consumer threads are defined which are activated upon the occurrence of an event on any TCP channel.
  • IP-based intelligent networks requires the origination of Internet-scale volumes of simulated user traffic in laboratory environments.
  • the current generation of high-speed network performance testing equipment is based on either:
  • Aura et al. in "Stateless Communications" describe a transformation of stateful connections or parts of them into stateless ones by attaching the state information to the messages.
  • Message authentication codes are used for checking integrity of the state data and the connections.
  • the stateless server protocols created in this way are more robust against denial of service resulting from high loads and resource exhausting attacks than their stateful counterparts. In particular, stateless authentication resists attacks that leave connections in a half-open state.
  • U.S. Patent No. 5812780 discloses a method and system for assessing the performance of a server application that acquires performance information from the perspective of a simulated user and has significantly reduced hardware requirements. Particularly, actual user behaviour is modelled so that accurate determinations can be made as to the number of users a given server application can adequately support. User behaviour is modelled in a client profile that contains user parameters corresponding to the nature, timing, and frequency of user activities in operating a client that in turn corresponds to client tasks. A plurality of processes and process threads are initiated to contact a server as a plurality of simulated clients from a single client computer, each simulated client making a separate logical connection to the server.
  • a task scheduler will schedule the simulated client tasks that are determined for each simulated user by reference to the user parameters in the client profile throughout a work day.
  • the scheduler also introduces a random element so that the tasks simulate natural variability in user behaviour.
  • User receivable response times for the task corresponding to simulated user activity are maintained in a log file and the 95th percentile time or score for each task type is calculated.
  • the individual task type scores may be weighted and averaged together to arrive at a weighted average response time. The weighted average response time can then be used as a threshold value to determine the total number of users a server application can adequately support.
  • Figure 1 illustrates the components of the headers in a typical HTTP request/response packet.
  • Traditional network routing and switching devices are stateless in that these devices make decisions based on information that is contained within these headers without maintaining any information about previous packets. They do not maintain any type of connection to the client or server at either end of the TCP transaction complex relationship between the packets, so the transmitting device does not need to maintain any state or have any dynamic behaviors.
  • True TCP sessions contain a feedback mechanism.
  • a TCP receiver sends acknowledgement packets to a TCP sender that advertise a window size to the TCP sender that inform the TCP sender the size of the receiver's receive buffer.
  • the sender uses the advertised window size to control the flow of packets sent to the receiver.
  • This mechanism causes the flow of incoming traffic to vary as a function of receiver performance. For instance, as a TCP receiver becomes overloaded, the rate of removing and processing packets from its TCP receive buffer decreases. As a result, the window size advertised to the sender decreases, and the TCP sender slows the flow of packets sent to the receiver.
  • the mechanism can generate redundant data.
  • a TCP receiver receives an out-of-sequence packet, the receiver will send a duplicate acknowledgement to the sender indicating that an out of sequence packet was received. Because this feedback mechanism exists on every TCP connection, overall TCP session throughput becomes the dominant performance metric.
  • server load-balancing (SLB) devices may maintain state. In the most basic implementations, this takes the form of "persistent sessions" where all packets from a specific user (source IP address) are routed to the same server (destination IP address). In order to accomplish this, the SLB may maintain a table of established client/server connections and look up the server to which a packet should be routed based on the client address.
  • SLB devices may make routing decisions based on a combination of data from the IP, TCP and HTTP header (URL, Cookie) and may even actively participate in a client/server session by proxying and aggregating multiple client connections into a pool of pre-existing server connections. Since the SLB may have a full TCP/IP stack, it becomes much more difficult to test the device with stateless, algorithmically generated traffic. The performance of the SLB is sensitive to many more characteristics of the TCP session. Table 1 shown below summarizes the information in a received packet processed by various IP-based communications devices.
  • Table 1 Routing Device Header Awareness Header Field Switch Router Traditional SLB Nextgen SLB MAC DA/SA X X X X Ethernet FCS X X X X IP DA/SA X X X IP Checksum X X X TCP src/dst port X TCP Sequence # X TCP Checksum X HTTP URL X HTTP Cookie X
  • switches and routers only process Ethernet and IP headers, respectively.
  • Traditional server load balancers process the IP source and destination address fields and TCP source and destination port fields.
  • Next generation server load balancers process every header from the Ethernet header through application-level headers. As a result, these next generation devices cannot be tested using traditional stateless packet blasters.
  • stateless hardware-based solutions cost a fraction as much as fully stateful software-based solutions for high packet rates
  • stateless solutions do not provide realistic enough traffic to accurately measure the performance of stateful network communications devices, such as new generation SLBs.
  • SLB devices that proxy connections with nearly a full TCP stack will drop simulated connections attempted by such a device.
  • software-based full stack implementations are prohibitively expensive to acquire and difficult to maintain and operate for high rates and/or volumes of connections.
  • software-based full TCP stack implementations require multiple may require multiple machines with multiple processors and network interfaces to achieve the number of TCP sessions required to test a stateful network communications device, such as a server load balancer. Accordingly, there exists a long-felt need for economical methods and systems for testing stateful network communications devices capable of simulating a realistic mix of network traffic.
  • the present invention includes a method and a system for testing a stateful network communication device.
  • Stateful network communications devices that may be tested by embodiments of the present invention include any type of device that maintains state, such stateful servers, server load balancers, firewalls, secure sockets layer (SSL) accelerators, etc.
  • SSL secure sockets layer
  • the methods and systems according to the present invention are capable of simulating a realistic mix of traffic without requiring all of the sessions or connections used in a test to be stateful.
  • the method comprises initiating by a test device a plurality of stateless simulated TCP connections with a device under test without maintaining connection state information within the test device, receiving by a programmable stateless packet processor within the test device packets from the device under test over the stateless simulated TCP connections, and preparing response packets by the programmable stateless packet processor, based on information in the received packets without maintaining connection state information from one received packet to the next.
  • a a number of simulated stateless connections are established with a device under test.
  • Stateful TCP/IP connections are also established with the device under test. Packets are sent to the device under test over the stateful and stateless connections. Performance and behavior measurements are taken on the stateful connections. These performance measurements are used to modify the behavior of the stateless connections in order to simulate a realistic mix of network traffic.
  • the present invention does not require all of the connections to be stateful, the amount of hardware required to test a stateful network communications device is reduced.
  • test system 100 includes a first test device 102 and a second test device 104 for testing a device under test 106.
  • device under test 106 is a server load balancer.
  • the present invention is not limited to using two test devices to test a server load balancer.
  • a single test device could be used to test a server load balancer or other device.
  • using two test devices to test a server load balancer is preferred because one test device can function as a client and the other test device can function as multiple servers.
  • one or more test devices 102 may be configured as clients and used to test the TCP functionality of a server, such as a web server.
  • test devices 102 and 104 each include TCP/IP stacks 108 for implementing full TCP/IP communications capabilities.
  • full TCP/IP communications capabilities it is meant that TCP/IP stacks 108 implement the full TCP protocol, including timeouts, retransmissions, flow control, etc.
  • the TCP protocol that may be implemented by TCP/IP stacks 108 is described in IETF RFCs 675, 761, and 793, the disclosures of which are incorporated herein by reference in their entirety.
  • the IP protocol that may be implemented by TCP/IP stacks 108 is described in IETF RFCs 760 and 791, the disclosures of which are incorporated herein by reference in their entirety. According to the present invention, data collected on full TCP/IP sessions established by TCP/IP stacks 108 will be used to modify test behavior on the simulated stateless TCP/IP connections, as will be discussed in more detail below.
  • TCP/IP stacks 108 can be contrasted with that of programmable stateless packet processors 110.
  • Programmable stateless packet processors 110 simulate TCP/IP communications in a stateless manner. By “stateless,” it is meant that programmable stateless packet processors 110 make response decisions based only on information contained in an inbound packet. Programmable stateless packet processors 110 preferably do not maintain any state about a connection from one packet to the next. For example, when programmable stateless processors 110 receive a SYN packet, processors 110 formulate and send a SYN plus ACK. Programmable stateless packet processors 110 preferably do not implement of the stateful procedures implemented by TCP/IP stacks 108.
  • programmable stateless packet processors 110 may not implement flow control or retransmissions, both of which require complex code and processing resources. Because programmable stateless packet processors 110 make decisions based on information in inbound packets, programmable stateless packet processors 110 are not required to maintain connection tables of open TCP sessions. The lack of connection tables greatly reduces the processing and memory required for each simulated connection over that of a full TCP/IP session or connection. As a result, TCP/IP test devices 102 and 104 can simulate more TCP/IP sessions with a reduced amount of hardware over conventional full-stack test devices while still causing the DUT to add or reference information in its own state table.
  • TCP amplification controllers 112 receive performance metrics regarding stateful TCP connections maintained by TCP/IP stacks 108 and use this information to modify the behavior of the simulated stateless TCP connections. Performance metrics may be obtained directly from TCP/IP stacks 108 or from an external measurement device 114, such as a packet sniffer. Exemplary performance measurements that may be used include retransmission rate, fragmentation, packet sizes, drop/reset rates, and other information that requires stateful TCP session handling. These metrics can be used to change the corresponding behavior of the stateless TCP connections implemented by programmable stateless packet processors 110 to more closely simulate a realistic mix of traffic.
  • TCP amplification controllers 112 receive performance metrics regarding stateful TCP connections maintained by TCP/IP stacks 108 and use this information to modify the behavior of the simulated stateless TCP connections. Performance metrics may be obtained directly from TCP/IP stacks 108 or from an external measurement device 114, such as a packet sniffer. Exemplary performance measurements that may be used include retransmission rate, fragmentation
  • TCP AMP controller 112 on test device 102 may instruct programmable stateless packet processor 110 to retransmit the same percentage of TCP segments on the stateless connections.
  • test devices 102 and 104 closely simulate live network connections.
  • Test devices 102 and 104 may also include filters 116 for filtering data received on stateless and stateful TCP connections.
  • filters 116 may contain tables that associate IP addresses with stateless and stateful connections. When a packet is received over one of the connections, filters 116 determine whether to send the packets to TCP/IP stack 108 or programmable stateless packet processor 110 based on the connection tables.
  • Test devices 102 and 104 preferably also include TCP applications 118 and 120.
  • TCP application 118 may be a client application, such as an HTTP client application.
  • TCP application 120 may be a TCP server, such as an HTTP server.
  • the present invention is not limited to using HTTP to test a device under test. Any application capable of using the underlying services of TCP to send or receive data is within the scope of the invention. For example, other applications that may be used include FTP, telnet, or other stateful application.
  • components 108, 112, and 118 are illustrated as being implemented in software, while components 110 and 116 are illustrated as being implemented in hardware.
  • the present invention is not limited to such an implementation. Any of the components illustrated in Figure 2 may be implemented in hardware, software, or a combination of hardware and software.
  • test device 102 includes a processor 200 and processor memory 202. Components 200 and 202 may be used to run TCP/IP stacks 108, and TCP AMP controllers 112.
  • Transmit field programmable gate array (TX FPGA) 204 and buffer memory 206 may implement programmable stateless packet processors 110 illustrated in Figure 2 .
  • programmable stateless packet processors 110 illustrated in Figure 2 .
  • Using an FPGA to implement programmable stateless packet processors 110 is preferred because an FPGA is capable of performing limited processing on data at much higher rates than a general-purpose processor.
  • the behavior of an FPGA can be modified at runtime without flow interruption by an application running on a local processor or an application running on another processor via the system interface.
  • TX FPGA 204 implements the programmable stateless packet processor 110
  • TCP AMP controller is implemented on processor 200
  • output from TCP AMP controller 112 executing on processor 200 may be used to alter the behavior of programmable stateless packet processor 110 executing on TX FPGA 204.
  • test device 102 includes an RX FPGA 208 and buffer memory 210.
  • Components 208 and 210 preferably implement packet filters 116 illustrated in Figure 2 .
  • RX FPGA 208 receives packets from the physical network interface and forwarding the packets to either programmable stateless packet processor 110 or TCP/IP stack 108.
  • TX FPGA 204 RX FPGA 208 is capable of performing limited processing on data at much higher rates than a general-purpose processor.
  • the behavior of RX FPGA 208 can be modified on the fly by an application running on a local processor or an application running on another computer via the system interface.
  • Physical layer chip 212 provides the physical interface for transmitting and receiving packets.
  • the type of interface implemented by component 212 may be an electrical interface or an optical interface.
  • component 212 may implement Ethernet over a 100 Base T copper media or IP using Packet Over SONET over optical media.
  • processor 200, TX FPGA 204, and RX FPGA 208 are connected via address lines 216, data lines 218, and a system bus 220.
  • System bus 220 allows a host controller or client application to manage multiple ports in a coordinated fashion.
  • multiple adapter cards, each containing the multiple sets of the components in Figure 3 may be used where each adapter has one or more physical network interfaces.
  • the adapter cards may be plugged into a host system (chassis), which may include a general-purpose computer.
  • TCP application 118 or 120 may execute on the embedded processor 200 or on the host system processor. Because each test device is capable of simulating real TCP connections without maintaining state, the amount of TCP connections per network interface is increased over conventional test systems. As a result, TCP/IP communications devices, such as servers and server load balancers can be tested with a reduced amount of hardware.
  • FIG. 4 is a flow chart illustrating an exemplary process for testing a stateful communications device according to an embodiment of the present invention.
  • the device under test may be any type of stateful network communications device, such as an application server or a server load balancer. If the device under test is an application server, a single test system, such as test device 102 illustrated in Figure 2 may be configured as a client and used to establish connections with the application server. If the device under test is a server load balancer, one test device 102 may be configured as a client to establish connections with the server load balancer and another test device 104 may be configured as a server farm to receive connection requests from the server load balancer. In yet another alternative implementation, multiple test devices 102 may be used to test multiple devices under test, such as a server farm.
  • Stateful connections with the device under test may be established using stateful TCP connection establishment procedures as described in the above-referenced TCP/IP protocol standards documents.
  • An exemplary procedure for establishing simulated stateless TCP/IP connections with a device under test will be described in detail below with regard to Figures 5 and 6 .
  • test device 102 requests data on the stateless and stateful connections. If the device under test is a web server, requesting data may include requesting data using the HTTP protocol. If the device under test is a server load balancer, requesting data may include requesting data from any type of application server that may be proxied by a server load balancer.
  • performance and/or behavior measurements are gathered on the stateful TCP connections. As stated above, examples of such metrics include the rate of connections being dropped, the rate of retransmissions, the rate of packets being dropped, etc. In step ST4, these measurements are used to modify the behavior of the simulated stateless connections to more closely simulate live network conditions.
  • test device 102 may be configured to retransmit packets at the same rate. If the device under test is a server load balancer and the device on the other side of the server load balancer is test device 104, programmable stateless packet processor 110 of test device 104 may be configured to retransmit data packets to test device 102. Test device 102 may be configured by its local TCP AMP controller 112 to disregard retransmitted packets.
  • programmable stateless packet processor 110 Since programmable stateless packet processor 110 only reacts to inbound packets, some independent mechanism must be used to initiate a sequence of response packets.
  • One method for initiating a response is by generating a "synchronous stream" of SYN packets using traditional packet-blaster capability that may be available in TX FPGA 204. This sync stream can generate packets at up to wire speed with extremely precise timing of gaps between packets (fractions of a microsecond precision). In a typical test, a sync stream will be configured to kick off the pseudo-sessions. The rate will be programmed according to the test that a user wants to perform.
  • One exemplary measurement that a user may want to determine in testing a device or a network is the number of sessions of a given type that can be handled at a given tolerable drop rate. For example, an SLB manufacturer might want to know how many HTTP GETs of a particular average size (or mix) can be done per second before their device starts dropping packets (due to buffers filling, for example).
  • the measured retransmit rate from the full stack in software can be used to change the rate of the sync stream on the stateless connections sync stream will be configured to kick off the pseudo-sessions.
  • the rate will be programmed according to the test that a user wants to perform.
  • One exemplary measurement that a user may want to determine in testing a device or a network is the number of sessions of a given type that can be handled at a given tolerable drop rate. For example, an SLB manufacturer might want to know how many HTTP GETs of a particular average size (or mix) can be done per second before their device starts dropping packets (due to buffers filling, for example).
  • the measured retransmit rate from the full stack in software can be used to change the rate of the sync stream on the stateless connections (continuously without stopping/restarting the test) until the desired drop rate is achieved (in this case, zero - but in practicality it will be some small percentage).
  • This is much more efficient than other methods which require a linear or binary search to "home in” on the maximum rate achievable at some drop rate.
  • a search algorithm like this would require running large numbers of tests in succession at different initial rates. The present invention thus avoids these difficulties associated with conventional test methods.
  • the present invention uses measurements taken on stateful connections to modify the behavior of tests executing on stateless connections
  • the present invention is not limited to such an embodiment.
  • the present invention may include using measurements taken on both the stateless and stateful connections to modify the behavior of stateless connections.
  • the behavior of the stateful connections may also be modified. Any combination of using feedback on the connections to modify the behavior of the stateless and/or the stateful connections is intended to be within the scope of the invention.
  • FIG. 5A is a flow chart illustrating exemplary operations performed by a programmable stateless packet processor according to an embodiment of the present invention.
  • programmable stateless packet processor 110 receives a packet from a device under test.
  • steps ST2 and ST3 programmable stateless packet processor 110 determines whether a response is required for the packet. For example, if the packet is a SYN packet, programmable stateless packet processor 110 may determine that a SYN plus ACK is required in order to establish a simulated TCP connection with the device under test. If a response is not required for a received packet, control returns to step ST1 where programmable stateless packet processor 110 waits for the next packet.
  • programmable stateless packet processor 110 determines that a response is required for the received packet, programmable stateless packet processor 110 prepares a response packet based on the information in the received packet. For example, in step ST4, programmable stateless packet processor 110 swaps the source and destination addresses in the IP and Ethernet headers of the received packet, assuming Ethernet is the underlying communication medium. In step ST5, programmable stateless packet processor 110 sets the appropriate bits in the TCP and network headers. This step may include computing header checksums, inserting the correct sequence number value based on the received sequence number, inserting the correct value in the TCP CODE BITS field, etc. The type of response packet may be determined based on the fields in the received packet.
  • packet classifications table 500 contains packet classification identifiers or pointers and corresponding offsets and patterns associated with each identifier. For example, packet classification table 500 may classify the following types of TCP packets:
  • Packet classification table 500 may contain bit patterns and offsets for each of the above-listed packet types.
  • the packet classification identifiers extracted from packet classification table 500 may be used to locate responses in response table 502. There may be multiple responses in response table 502 corresponding to each packet classification type. In a situation where there are multiple responses for a given packet classification type, the responses may be ordered and programmable stateless packet processor 110 may execute the responses in sequence.
  • each response may include a packet classification identifier, a starting packet identifier, the number of packets to be included in the response, and instructions for determining acknowledgement and sequence numbers to be included in the response packet.
  • Each packet identifier in response table 502 may be used to locate a corresponding packet template in packet table 504.
  • Packet table 504 may contain templates for various types of response packets, such as SYN packets, ACK packets, data packets, etc. These response templates may be used to build outgoing packets based on data extracted from received packets in the manner discussed above with regard to Figure 5A . There may be multiple packets corresponding to each packet identifier.
  • programmable stateless packet processor 110 when programmable stateless packet processor 110 receives a packet, it searches the packet for various patterns located at various offsets according to packet classification table 502. In response to locating a matching pattern, programmable stateless packet processor 110 uses extracts the packet classification ID and uses this value to obtain a response from response table 502. Programmable stateless packet processor 110 uses information extracted from response table 502 to extract a template from packets table 504. Programmable stateless packet processor 110 then builds the packet using the extracted template. This process may be repeated for each response stored in response table 502 for the given packet type and each packet in packets table 504 until the desired packet is sent.
  • FIG. 6 is a message flow diagram illustrating messages that may be sent between a programmable stateless packet processor 110 of test device 102 and a server 250 in an HTTP GET transaction.
  • programmable stateless packet processor 110 formulates and sends a SYN packet to server 250.
  • server 250 receives a SYN packet and sends a SYN plus ACK.
  • programmable stateless packet processor receives the SYN plus ACK, determines that an ACK is required based only on the received packet, and sends the ACK.
  • server 250 considers the connection with test device 102 to be open. Because test device 102 preferably does not maintain connection state information, test device 102 does not know whether the connection is open. However, in the scenario illustrated in Figure 6 , test device 102 assumes that the connection is open after sending the ACK in line 3.
  • programmable stateless packet processor 110 of test device 102 sends a TCP segment containing an acknowledgement plus an HTTP GET request to server 250 to request data from server 250.
  • server 250 receives the HTTP GET message, extracts the requested data, and sends the requested data to test device 102.
  • test device 102 receives the data and formulates a response packet based on the data packet. In this case, the response packet is an ACK packet.
  • programmable stateless packet processor 110 of test device 102 sends a FIN plus ACK packet to server 250 to initiate a connection close.
  • server 250 receives the FIN and sends an ACK to the FIN.
  • programmable stateless packet processor 110 of test device 102 receives the ACK. Because the ACK does not include any data in this example, programmable stateless packet processor 110 of test device 102 determines that no response is required.
  • server 250 sends a FIN plus ACK packet to test device 102 to instruct the test system to close its connection.
  • programmable stateless packet processor 110 of test device 102 receives the SYN plus ACK packet. Since programmable stateless packet processor 110 does not know that the connection is open, programmable stateless packet processor 110 simply sends an acknowledgement to the FIN packet. In line 14 of the message flow diagram, server 250 receives the FIN packet, and closes and releases resources for its local connection.
  • HTTP is the primary protocol used by web browsers to obtain web pages on the Internet.
  • the present invention is not limited to using HTTP to test stateful network communications devices. Any stateful application may be used.
  • Table 2 shown below illustrates exemplary metrics that may be used to test a device under test, such as a server load balancer or an application server, such as a web server.
  • Table 2 Test Scenarios Metric How Measured Typical Values Maximum concurrent sessions Client application must generate multiple requests concurrently and/or before previous requests complete. 50,000-1,000,000 Test system must maintain count of how many requests are outstanding (i.e.: TCP connection opened but not closed) at any instant in time. Maximum sessions per second Client application must generate large number of requests in parallel and in rapid succession. Test system must maintain count of requests and responses per second. 10,000-250,000 Maximum sessions per second as function of concurrent sessions Perform multiple session/second tests with increasing numbers of concurrent sessions already open Variable
  • Figure 7 is a screen shot illustrating an exemplary configuration screen of a test system according to an embodiment of the present invention.
  • test screen 300 includes a first input area 302 allow a user to select the total number of simulated clients and the total number of concurrent sessions.
  • Input area 304 allows the user to input the IP address, the gateway address, and the sub-net address for the first client used in the test.
  • Input area 306 allows the user to input the IP address, gateway address, and sub-net mask of the first server to be used in the test.
  • a system for testing stateful network communications devices may collect and display statistics for each test performed.
  • Figure 8 is a screen shot illustrating exemplary connection rate data collected by a test system according to an embodiment of the present invention.
  • the connection rate data includes page requests per second, connections requested per second, concurrent sessions, page failure responses per second, pace responses per second, and connections accepted per second. These and other measurements may be collected, displayed to the user in an easily understood format, and used to evaluate the performance of a device under test.
  • a system for testing a stateful network communications device achieves higher performance at a lower cost than conventional systems.
  • Various alternative means of generating adequate traffic to test the performance limits of the device Each method presents a tradeoff between cost, complexity and realism. Determining which method is the least expensive acceptable method depends on validating the test results for each method against those obtained with real traffic.
  • Table 3 shown below a system for testing stateful network communications devices according to the present invention gives better performance per unit cost over conventional test systems.
  • Table 3 TCP Traffic Generation Capabilities for Various Methods TCP/Application Capability Traditional Packet Blaster HW-based Stateless Packet Processor SW-based Stateless Packet Processor HW/SW Hybrid Amplified TCP CPU-based Full TCP/IP MAC DA/SA (swap) X(1) X X X IP DA/SA (swap) X(1) X X X TCP src/dst port (swap) X(1) X X X TCP control bits (change appropriately) X (1,2) X (2) X (4) X TCP Sequence # (compute) X X X TCP Dynamic Window Size X (4) X TCP Retransmit X (4) X Fragmentation (create/reassemble) X (4) X HTTP Get Response (static page) X (3) X (4) X HTTP Cookie (static request) X X X X X X X X

Abstract

Methods and systems (102, 104) for testing stateful network communications devices are disclosed. According to one test method, stateful and simulated stateless sessions are established with a device under test (106). Packets are sent to the device under test (106) over the stateful and stateless connections. Information received on the stateful connections is used to alter test conditions on the stateless connections. As a result, a realistic mix of network traffic can be achieved with a reduced amount of hardware.

Description

  • The present invention relates to methods and systems for testing a stateful network communications devices and to a stateless packet processor.
  • US 6,295 557 describes an apparatus for simulating internet traffic. A producer thread generates a large number of TCP connections and places data in the TCP resend buffer without blocking, waiting for data to be sent, or checking for a response from the TCP channel. A limited number of consumer threads are defined which are activated upon the occurrence of an event on any TCP channel.
  • US 2001/0016867 A1 describes a framework system for testing a server performance.
  • Testing high capacity, IP-based intelligent networks requires the origination of Internet-scale volumes of simulated user traffic in laboratory environments. The current generation of high-speed network performance testing equipment is based on either:
    • Proprietary hardware-based "packet blasters" that use preconfiguring quasistatic packets at or near "wirespeed;" or
    • TCP socket-based software that runs on large numbers of general purpose (or slightly modified) computing platforms.
  • As the density, speed and intelligent traffic management capabilities of network devices increase, traditional high-volume traffic generation solutions are less able to simulate real-world scenarios.
  • Brooks Hickman Spirent Communications David Newman network test Terry Martin m2networx inc: "Benchmarking methodology for firewall performance; draft-ietf-bmwgfirewall-02.txt" discloses methodologies for the performance benchmarking of firewalls. It provides methodologies in four areas: forwarding, connection, latency and filtering. In addition to defining the tests, this document also describes specific formats for reporting the results of the tests.
  • Aura et al. in "Stateless Communications" describe a transformation of stateful connections or parts of them into stateless ones by attaching the state information to the messages. Message authentication codes are used for checking integrity of the state data and the connections. The stateless server protocols created in this way are more robust against denial of service resulting from high loads and resource exhausting attacks than their stateful counterparts. In particular, stateless authentication resists attacks that leave connections in a half-open state.
  • U.S. Patent No. 5812780 discloses a method and system for assessing the performance of a server application that acquires performance information from the perspective of a simulated user and has significantly reduced hardware requirements. Particularly, actual user behaviour is modelled so that accurate determinations can be made as to the number of users a given server application can adequately support. User behaviour is modelled in a client profile that contains user parameters corresponding to the nature, timing, and frequency of user activities in operating a client that in turn corresponds to client tasks. A plurality of processes and process threads are initiated to contact a server as a plurality of simulated clients from a single client computer, each simulated client making a separate logical connection to the server. A task scheduler will schedule the simulated client tasks that are determined for each simulated user by reference to the user parameters in the client profile throughout a work day. The scheduler also introduces a random element so that the tasks simulate natural variability in user behaviour. User receivable response times for the task corresponding to simulated user activity are maintained in a log file and the 95th percentile time or score for each task type is calculated. The individual task type scores may be weighted and averaged together to arrive at a weighted average response time. The weighted average response time can then be used as a threshold value to determine the total number of users a server application can adequately support.
    • TCP SESSION CHARACTERISTICS
  • Figure 1 illustrates the components of the headers in a typical HTTP request/response packet. Traditional network routing and switching devices are stateless in that these devices make decisions based on information that is contained within these headers without maintaining any information about previous packets. They do not maintain any type of connection to the client or server at either end of the TCP transaction complex relationship between the packets, so the transmitting device does not need to maintain any state or have any dynamic behaviors.
  • For this reason, the current generation of high performance traffic generators do not require a full TCP/IP stack for performance testing. Specialized hardware is used to generate wirespeed packets that are varied algorithmically by overlaying variable length incrementing or random patterns over a "base packet" without any consideration of received packets. These conventional stateless test devices are commonly referred to as packet blasters.
  • True TCP sessions contain a feedback mechanism. For example, a TCP receiver sends acknowledgement packets to a TCP sender that advertise a window size to the TCP sender that inform the TCP sender the size of the receiver's receive buffer. The sender uses the advertised window size to control the flow of packets sent to the receiver. This mechanism causes the flow of incoming traffic to vary as a function of receiver performance. For instance, as a TCP receiver becomes overloaded, the rate of removing and processing packets from its TCP receive buffer decreases. As a result, the window size advertised to the sender decreases, and the TCP sender slows the flow of packets sent to the receiver. In addition, the mechanism can generate redundant data. For example, if a TCP receiver receives an out-of-sequence packet, the receiver will send a duplicate acknowledgement to the sender indicating that an out of sequence packet was received. Because this feedback mechanism exists on every TCP connection, overall TCP session throughput becomes the dominant performance metric.
  • Unlike traditional switches and routers, server load-balancing (SLB) devices may maintain state. In the most basic implementations, this takes the form of "persistent sessions" where all packets from a specific user (source IP address) are routed to the same server (destination IP address). In order to accomplish this, the SLB may maintain a table of established client/server connections and look up the server to which a packet should be routed based on the client address.
  • The next generation of SLB devices is much more sophisticated. They may make routing decisions based on a combination of data from the IP, TCP and HTTP header (URL, Cookie) and may even actively participate in a client/server session by proxying and aggregating multiple client connections into a pool of pre-existing server connections. Since the SLB may have a full TCP/IP stack, it becomes much more difficult to test the device with stateless, algorithmically generated traffic. The performance of the SLB is sensitive to many more characteristics of the TCP session. Table 1 shown below summarizes the information in a received packet processed by various IP-based communications devices. Table 1: Routing Device Header Awareness
    Header Field Switch Router Traditional SLB Nextgen SLB
    MAC DA/SA X X X X
    Ethernet FCS X X X X
    IP DA/SA X X X
    IP Checksum X X X
    TCP src/dst port X
    TCP Sequence # X
    TCP Checksum X
    HTTP URL X
    HTTP Cookie X
  • In Table 1, it can be seen that switches and routers only process Ethernet and IP headers, respectively. Traditional server load balancers process the IP source and destination address fields and TCP source and destination port fields. Next generation server load balancers process every header from the Ethernet header through application-level headers. As a result, these next generation devices cannot be tested using traditional stateless packet blasters.
  • Today's load balancing switches generally handle tens of thousands of session establishments per second with fewer than 100,000 concurrent sessions established. Moore's Law is adhered to not only in general purpose computing platforms but in network devices as well: the new generation of load balancers will handle hundreds of thousands of sessions per second with 1,000,000 or more concurrent sessions established.
  • While stateless hardware-based solutions cost a fraction as much as fully stateful software-based solutions for high packet rates, stateless solutions do not provide realistic enough traffic to accurately measure the performance of stateful network communications devices, such as new generation SLBs. In fact, SLB devices that proxy connections with nearly a full TCP stack will drop simulated connections attempted by such a device. At the other extreme, software-based full stack implementations are prohibitively expensive to acquire and difficult to maintain and operate for high rates and/or volumes of connections. For example, software-based full TCP stack implementations require multiple may require multiple machines with multiple processors and network interfaces to achieve the number of TCP sessions required to test a stateful network communications device, such as a server load balancer. Accordingly, there exists a long-felt need for economical methods and systems for testing stateful network communications devices capable of simulating a realistic mix of network traffic.
  • The present invention includes a method and a system for testing a stateful network communication device. Stateful network communications devices that may be tested by embodiments of the present invention include any type of device that maintains state, such stateful servers, server load balancers, firewalls, secure sockets layer (SSL) accelerators, etc. The methods and systems according to the present invention are capable of simulating a realistic mix of traffic without requiring all of the sessions or connections used in a test to be stateful. According to one exemplary method, the method comprises initiating by a test device a plurality of stateless simulated TCP connections with a device under test without maintaining connection state information within the test device, receiving by a programmable stateless packet processor within the test device packets from the device under test over the stateless simulated TCP connections, and preparing response packets by the programmable stateless packet processor, based on information in the received packets without maintaining connection state information from one received packet to the next. A a number of simulated stateless connections are established with a device under test. Stateful TCP/IP connections are also established with the device under test. Packets are sent to the device under test over the stateful and stateless connections. Performance and behavior measurements are taken on the stateful connections. These performance measurements are used to modify the behavior of the stateless connections in order to simulate a realistic mix of network traffic.
  • Because the present invention does not require all of the connections to be stateful, the amount of hardware required to test a stateful network communications device is reduced.
  • Accordingly, it is an object of the present invention to provide an improved method and system for testing a stateful network communications device.
  • It is another object of the invention to provide a method and a system for testing a stateful network communications device that use both stateful and simulated stateless connections.
  • It is yet another object of the present invention to provide a system for testing a stateful network communications device using a reduced amount of hardware over conventional systems.
  • Some of the objects of the invention having been stated hereinabove, other objects will become evident as the description proceeds when taken in connection with the accompanying drawings as best described hereinbelow.
    • Brief Description of the Drawings
  • A description of preferred embodiments of the invention will now proceed with reference to the accompanying drawings of which:
    • Figure 1 is a block diagram of a packet structure for HTTP;
    • Figure 2 is a block diagram of a system for testing a stateful network communications device according to an embodiment of the present invention;
    • Figure 3 is a block diagram of exemplary hardware that may be associated with a system for testing a stateful network communications device according to an embodiment of the present invention;
    • Figure 4 is a flow chart illustrating exemplary steps for testing a stateful network communications device according to an embodiment of the present invention;
    • Figure 5A is a flow chart illustrating exemplary operations performed by a programmable stateless packet processor according to an embodiment of the present invention;
    • Figure 5B is a block diagram illustrating exemplary data structures that may be used by a programmable stateless packet processor in responding to incoming packets according to an embodiment of the present invention;
    • Figure 6 is a message flow diagram illustrating exemplary messages sent between a test device and a device under test according to an embodiment of the present invention;
    • Figure 7 is a screen shot of a configuration screen of a system for testing a stateful network communications device according to an embodiment of the present invention; and
    • Figure 8 is a screen shot illustrating exemplary test results collected by a system for testing a stateful network communications device according to an embodiment of the present invention.
    Detailed Description of the Invention
  • Figure 2 is a functional block diagram illustrating exemplary components of a system for testing a stateful network communications device according to an embodiment of the present invention. In Figure 2, test system 100 includes a first test device 102 and a second test device 104 for testing a device under test 106. In the illustrated example, device under test 106 is a server load balancer. Although the example illustrated in Figure 2 includes two test devices, the present invention is not limited to using two test devices to test a server load balancer. For example, in an alternative test scenario, a single test device could be used to test a server load balancer or other device. However, using two test devices to test a server load balancer is preferred because one test device can function as a client and the other test device can function as multiple servers. In yet another alternative test scenario, one or more test devices 102 may be configured as clients and used to test the TCP functionality of a server, such as a web server.
  • In Figure 2, test devices 102 and 104 each include TCP/IP stacks 108 for implementing full TCP/IP communications capabilities. By "full TCP/IP communications capabilities," it is meant that TCP/IP stacks 108 implement the full TCP protocol, including timeouts, retransmissions, flow control, etc. The TCP protocol that may be implemented by TCP/IP stacks 108 is described in IETF RFCs 675, 761, and 793, the disclosures of which are incorporated herein by reference in their entirety. The IP protocol that may be implemented by TCP/IP stacks 108 is described in IETF RFCs 760 and 791, the disclosures of which are incorporated herein by reference in their entirety. According to the present invention, data collected on full TCP/IP sessions established by TCP/IP stacks 108 will be used to modify test behavior on the simulated stateless TCP/IP connections, as will be discussed in more detail below.
  • The operation of TCP/IP stacks 108 can be contrasted with that of programmable stateless packet processors 110. Programmable stateless packet processors 110 simulate TCP/IP communications in a stateless manner. By "stateless," it is meant that programmable stateless packet processors 110 make response decisions based only on information contained in an inbound packet. Programmable stateless packet processors 110 preferably do not maintain any state about a connection from one packet to the next. For example, when programmable stateless processors 110 receive a SYN packet, processors 110 formulate and send a SYN plus ACK. Programmable stateless packet processors 110 preferably do not implement of the stateful procedures implemented by TCP/IP stacks 108. For example, programmable stateless packet processors 110 may not implement flow control or retransmissions, both of which require complex code and processing resources. Because programmable stateless packet processors 110 make decisions based on information in inbound packets, programmable stateless packet processors 110 are not required to maintain connection tables of open TCP sessions. The lack of connection tables greatly reduces the processing and memory required for each simulated connection over that of a full TCP/IP session or connection. As a result, TCP/ IP test devices 102 and 104 can simulate more TCP/IP sessions with a reduced amount of hardware over conventional full-stack test devices while still causing the DUT to add or reference information in its own state table.
  • The behavior of programmable stateless packet processors 110 is preferably programmable or controllable by TCP amplification (AMP) controllers 112. TCP AMP controllers 112 receive performance metrics regarding stateful TCP connections maintained by TCP/IP stacks 108 and use this information to modify the behavior of the simulated stateless TCP connections. Performance metrics may be obtained directly from TCP/IP stacks 108 or from an external measurement device 114, such as a packet sniffer. Exemplary performance measurements that may be used include retransmission rate, fragmentation, packet sizes, drop/reset rates, and other information that requires stateful TCP session handling. These metrics can be used to change the corresponding behavior of the stateless TCP connections implemented by programmable stateless packet processors 110 to more closely simulate a realistic mix of traffic. For instance, if measurement device 114 detects that a certain percentage of TCP/IP segments are being retransmitted, TCP AMP controller 112 on test device 102 may instruct programmable stateless packet processor 110 to retransmit the same percentage of TCP segments on the stateless connections. Thus, by using data collected on the stateful connections to modify test conditions on the stateless connections, test devices 102 and 104 closely simulate live network connections.
  • Test devices 102 and 104 may also include filters 116 for filtering data received on stateless and stateful TCP connections. For example, filters 116 may contain tables that associate IP addresses with stateless and stateful connections. When a packet is received over one of the connections, filters 116 determine whether to send the packets to TCP/IP stack 108 or programmable stateless packet processor 110 based on the connection tables.
  • Test devices 102 and 104 preferably also include TCP applications 118 and 120. In the illustrated example, TCP application 118 may be a client application, such as an HTTP client application. TCP application 120 may be a TCP server, such as an HTTP server. The present invention is not limited to using HTTP to test a device under test. Any application capable of using the underlying services of TCP to send or receive data is within the scope of the invention. For example, other applications that may be used include FTP, telnet, or other stateful application.
  • In the example illustrated in Figure 2, components 108, 112, and 118 are illustrated as being implemented in software, while components 110 and 116 are illustrated as being implemented in hardware. However, the present invention is not limited to such an implementation. Any of the components illustrated in Figure 2 may be implemented in hardware, software, or a combination of hardware and software.
  • Figure 3 is a block diagram of exemplary hardware for system for testing a stateful network communications device according to an embodiment of the present invention. In Figure 3, test device 102 includes a processor 200 and processor memory 202. Components 200 and 202 may be used to run TCP/IP stacks 108, and TCP AMP controllers 112.
  • Transmit field programmable gate array (TX FPGA) 204 and buffer memory 206 may implement programmable stateless packet processors 110 illustrated in Figure 2. Using an FPGA to implement programmable stateless packet processors 110 is preferred because an FPGA is capable of performing limited processing on data at much higher rates than a general-purpose processor. In addition, the behavior of an FPGA can be modified at runtime without flow interruption by an application running on a local processor or an application running on another processor via the system interface. For example, if TX FPGA 204 implements the programmable stateless packet processor 110, and TCP AMP controller is implemented on processor 200, output from TCP AMP controller 112 executing on processor 200 may be used to alter the behavior of programmable stateless packet processor 110 executing on TX FPGA 204.
  • In the illustrated embodiment, test device 102 includes an RX FPGA 208 and buffer memory 210. Components 208 and 210 preferably implement packet filters 116 illustrated in Figure 2. In particular, RX FPGA 208 receives packets from the physical network interface and forwarding the packets to either programmable stateless packet processor 110 or TCP/IP stack 108. Like TX FPGA 204, RX FPGA 208 is capable of performing limited processing on data at much higher rates than a general-purpose processor. In addition, the behavior of RX FPGA 208 can be modified on the fly by an application running on a local processor or an application running on another computer via the system interface.
  • Physical layer chip 212 provides the physical interface for transmitting and receiving packets. The type of interface implemented by component 212 may be an electrical interface or an optical interface. For example, component 212 may implement Ethernet over a 100 Base T copper media or IP using Packet Over SONET over optical media. In the illustrated example, processor 200, TX FPGA 204, and RX FPGA 208 are connected via address lines 216, data lines 218, and a system bus 220. System bus 220 allows a host controller or client application to manage multiple ports in a coordinated fashion. For example, in an actual implementation, multiple adapter cards, each containing the multiple sets of the components in Figure 3, may be used where each adapter has one or more physical network interfaces. The adapter cards may be plugged into a host system (chassis), which may include a general-purpose computer. TCP application 118 or 120 may execute on the embedded processor 200 or on the host system processor. Because each test device is capable of simulating real TCP connections without maintaining state, the amount of TCP connections per network interface is increased over conventional test systems. As a result, TCP/IP communications devices, such as servers and server load balancers can be tested with a reduced amount of hardware.
  • Figure 4 is a flow chart illustrating an exemplary process for testing a stateful communications device according to an embodiment of the present invention. Referring to Figure 4, in step ST1, stateless and simulated stateful connections are established with a device under test. The device under test may be any type of stateful network communications device, such as an application server or a server load balancer. If the device under test is an application server, a single test system, such as test device 102 illustrated in Figure 2 may be configured as a client and used to establish connections with the application server. If the device under test is a server load balancer, one test device 102 may be configured as a client to establish connections with the server load balancer and another test device 104 may be configured as a server farm to receive connection requests from the server load balancer. In yet another alternative implementation, multiple test devices 102 may be used to test multiple devices under test, such as a server farm.
  • Stateful connections with the device under test may be established using stateful TCP connection establishment procedures as described in the above-referenced TCP/IP protocol standards documents. An exemplary procedure for establishing simulated stateless TCP/IP connections with a device under test will be described in detail below with regard to Figures 5 and 6.
  • In step ST2, test device 102 requests data on the stateless and stateful connections. If the device under test is a web server, requesting data may include requesting data using the HTTP protocol. If the device under test is a server load balancer, requesting data may include requesting data from any type of application server that may be proxied by a server load balancer. In step ST3, performance and/or behavior measurements are gathered on the stateful TCP connections. As stated above, examples of such metrics include the rate of connections being dropped, the rate of retransmissions, the rate of packets being dropped, etc. In step ST4, these measurements are used to modify the behavior of the simulated stateless connections to more closely simulate live network conditions. For example, if it is determined that packets are being retransmitted a certain rate on the stateful connections, test device 102 may be configured to retransmit packets at the same rate. If the device under test is a server load balancer and the device on the other side of the server load balancer is test device 104, programmable stateless packet processor 110 of test device 104 may be configured to retransmit data packets to test device 102. Test device 102 may be configured by its local TCP AMP controller 112 to disregard retransmitted packets.
  • Since programmable stateless packet processor 110 only reacts to inbound packets, some independent mechanism must be used to initiate a sequence of response packets. One method for initiating a response is by generating a "synchronous stream" of SYN packets using traditional packet-blaster capability that may be available in TX FPGA 204. This sync stream can generate packets at up to wire speed with extremely precise timing of gaps between packets (fractions of a microsecond precision). In a typical test, a sync stream will be configured to kick off the pseudo-sessions. The rate will be programmed according to the test that a user wants to perform.
  • One exemplary measurement that a user may want to determine in testing a device or a network is the number of sessions of a given type that can be handled at a given tolerable drop rate. For example, an SLB manufacturer might want to know how many HTTP GETs of a particular average size (or mix) can be done per second before their device starts dropping packets (due to buffers filling, for example).
  • The measured retransmit rate from the full stack in software can be used to change the rate of the sync stream on the stateless connections sync stream will be configured to kick off the pseudo-sessions. The rate will be programmed according to the test that a user wants to perform.
  • One exemplary measurement that a user may want to determine in testing a device or a network is the number of sessions of a given type that can be handled at a given tolerable drop rate. For example, an SLB manufacturer might want to know how many HTTP GETs of a particular average size (or mix) can be done per second before their device starts dropping packets (due to buffers filling, for example).
  • The measured retransmit rate from the full stack in software can be used to change the rate of the sync stream on the stateless connections (continuously without stopping/restarting the test) until the desired drop rate is achieved (in this case, zero - but in practicality it will be some small percentage). This is much more efficient than other methods which require a linear or binary search to "home in" on the maximum rate achievable at some drop rate. A search algorithm like this would require running large numbers of tests in succession at different initial rates. The present invention thus avoids these difficulties associated with conventional test methods.
  • Although in the example illustrated in Figure 4, the present invention uses measurements taken on stateful connections to modify the behavior of tests executing on stateless connections, the present invention is not limited to such an embodiment. In an embodiment, the present invention may include using measurements taken on both the stateless and stateful connections to modify the behavior of stateless connections. The behavior of the stateful connections may also be modified. Any combination of using feedback on the connections to modify the behavior of the stateless and/or the stateful connections is intended to be within the scope of the invention.
  • Figure 5A is a flow chart illustrating exemplary operations performed by a programmable stateless packet processor according to an embodiment of the present invention. Referring to Figure 5, in step ST1, programmable stateless packet processor 110 receives a packet from a device under test. In steps ST2 and ST3, programmable stateless packet processor 110 determines whether a response is required for the packet. For example, if the packet is a SYN packet, programmable stateless packet processor 110 may determine that a SYN plus ACK is required in order to establish a simulated TCP connection with the device under test. If a response is not required for a received packet, control returns to step ST1 where programmable stateless packet processor 110 waits for the next packet.
  • If programmable stateless packet processor 110 determines that a response is required for the received packet, programmable stateless packet processor 110 prepares a response packet based on the information in the received packet. For example, in step ST4, programmable stateless packet processor 110 swaps the source and destination addresses in the IP and Ethernet headers of the received packet, assuming Ethernet is the underlying communication medium. In step ST5, programmable stateless packet processor 110 sets the appropriate bits in the TCP and network headers. This step may include computing header checksums, inserting the correct sequence number value based on the received sequence number, inserting the correct value in the TCP CODE BITS field, etc. The type of response packet may be determined based on the fields in the received packet. For example, if the CODE BITS field in the TCP header of the received packet indicates that the received packet is a SYN packet, then programmable stateless packet processor 110 changes the bits in the CODE BITS field of the outgoing packet to indicate that the packet is a SYN plus ACK. In another example, if the incoming packet contains data, programmable stateless packet processor 110 schematically illustrates exemplary data structures that may be used by programmable stateless packet processor 110 in classifying packets and determining the appropriate responses. Referring to Figure 5B, packet classifications table 500 contains packet classification identifiers or pointers and corresponding offsets and patterns associated with each identifier. For example, packet classification table 500 may classify the following types of TCP packets:
    • SYN
    • SYNACK
    • ACK
    • ACK With GET
    • FIN
    • FINACK
    • RST
  • Packet classification table 500 may contain bit patterns and offsets for each of the above-listed packet types.
  • The packet classification identifiers extracted from packet classification table 500 may be used to locate responses in response table 502. There may be multiple responses in response table 502 corresponding to each packet classification type. In a situation where there are multiple responses for a given packet classification type, the responses may be ordered and programmable stateless packet processor 110 may execute the responses in sequence. In response table 502, each response may include a packet classification identifier, a starting packet identifier, the number of packets to be included in the response, and instructions for determining acknowledgement and sequence numbers to be included in the response packet.
  • Each packet identifier in response table 502 may be used to locate a corresponding packet template in packet table 504. Packet table 504 may contain templates for various types of response packets, such as SYN packets, ACK packets, data packets, etc. These response templates may be used to build outgoing packets based on data extracted from received packets in the manner discussed above with regard to Figure 5A. There may be multiple packets corresponding to each packet identifier.
  • In operation, when programmable stateless packet processor 110 receives a packet, it searches the packet for various patterns located at various offsets according to packet classification table 502. In response to locating a matching pattern, programmable stateless packet processor 110 uses extracts the packet classification ID and uses this value to obtain a response from response table 502. Programmable stateless packet processor 110 uses information extracted from response table 502 to extract a template from packets table 504. Programmable stateless packet processor 110 then builds the packet using the extracted template. This process may be repeated for each response stored in response table 502 for the given packet type and each packet in packets table 504 until the desired packet is sent.
  • Figure 6 is a message flow diagram illustrating messages that may be sent between a programmable stateless packet processor 110 of test device 102 and a server 250 in an HTTP GET transaction. In line 1 of the message flow diagram, programmable stateless packet processor 110 formulates and sends a SYN packet to server 250. Unlike a full TCP/IP client, programmable stateless packet processor of test device 102 preferably does not maintain any state about having sent the SYN packet. In line 2 of the message flow diagram, server 250 receives a SYN packet and sends a SYN plus ACK. In line 3 of the message flow diagram, programmable stateless packet processor receives the SYN plus ACK, determines that an ACK is required based only on the received packet, and sends the ACK. In line 4 of the message flow diagram, server 250 considers the connection with test device 102 to be open. Because test device 102 preferably does not maintain connection state information, test device 102 does not know whether the connection is open. However, in the scenario illustrated in Figure 6, test device 102 assumes that the connection is open after sending the ACK in line 3.
  • In line 5 of the message flow diagram, programmable stateless packet processor 110 of test device 102 sends a TCP segment containing an acknowledgement plus an HTTP GET request to server 250 to request data from server 250. In line 6 of the message flow diagram, server 250 receives the HTTP GET message, extracts the requested data, and sends the requested data to test device 102. In line 7 of the message flow diagram, test device 102 receives the data and formulates a response packet based on the data packet. In this case, the response packet is an ACK packet.
  • In line 9 of the message flow diagram, programmable stateless packet processor 110 of test device 102 sends a FIN plus ACK packet to server 250 to initiate a connection close. In line 10 of the message flow diagram, server 250 receives the FIN and sends an ACK to the FIN. In line 11 of the message flow diagram, programmable stateless packet processor 110 of test device 102 receives the ACK. Because the ACK does not include any data in this example, programmable stateless packet processor 110 of test device 102 determines that no response is required. In line 12 of the message flow diagram, server 250, sends a FIN plus ACK packet to test device 102 to instruct the test system to close its connection. In line 13 of the message flow diagram, programmable stateless packet processor 110 of test device 102 receives the SYN plus ACK packet. Since programmable stateless packet processor 110 does not know that the connection is open, programmable stateless packet processor 110 simply sends an acknowledgement to the FIN packet. In line 14 of the message flow diagram, server 250 receives the FIN packet, and closes and releases resources for its local connection.
  • Multiple simulated connections and HTTP requests may be concurrently initiated with a device under test by repeating the steps illustrated in Figure 6 for each simulated connection. Utilizing HTTP to test stateful network communications devices is desirable because HTTP is the primary protocol used by web browsers to obtain web pages on the Internet. However, as stated above, the present invention is not limited to using HTTP to test stateful network communications devices. Any stateful application may be used.
    • Test Scenarios
  • Table 2 shown below illustrates exemplary metrics that may be used to test a device under test, such as a server load balancer or an application server, such as a web server. Table 2: Test Scenarios
    Metric How Measured Typical Values
    Maximum concurrent sessions Client application must generate multiple requests concurrently and/or before previous requests complete. 50,000-1,000,000
    Test system must maintain count of how many requests are outstanding (i.e.: TCP connection opened but not closed) at any instant in time.
    Maximum sessions per second Client application must generate large number of requests in parallel and in rapid succession. Test system must maintain count of requests and responses per second. 10,000-250,000
    Maximum sessions per second as function of concurrent sessions Perform multiple session/second tests with increasing numbers of concurrent sessions already open Variable
  • An exemplary procedure for performing each of the test metrics illustrated in Table 2 will now be described.
    1. 1. Set up client (or simulated client) applications. Enough clients must be set up to generate the maximum number of sessions/second or the total concurrent sessions, whichever is greater. For example, if general purpose PCs are being used as host processors in implementing the test, about 2,000 sessions/second will be generated by each machine using HTTP. Configuration information for this test scenario includes:
      1. a. IP addresses of clients
      2. b. Names or IP addresses of server
      3. c. If servers are not on same network as clients, the IP address of the gateway to be used to reach the servers from the client network
      4. d. The pages to be requested (for HTTP)
      5. e. Whether to use HTTP/1.0 (close session after each page) or HTTP/1.1 (keep session open for multiple page requests)
      6. f. Other application-specific information
    2. 2. Set up server applications. Enough servers must be set up to respond to the number of requests/second that will be generated or to maintain the maximum number of concurrent sessions, whichever is greater.
    3. 3. Set up instrumentation to measure all desired metrics. This may be part of client applications, server applications or a passive monitoring device.
    4. 4. Execute test.
  • Figure 7 is a screen shot illustrating an exemplary configuration screen of a test system according to an embodiment of the present invention. In Figure 7, test screen 300 includes a first input area 302 allow a user to select the total number of simulated clients and the total number of concurrent sessions. Input area 304 allows the user to input the IP address, the gateway address, and the sub-net address for the first client used in the test. Input area 306 allows the user to input the IP address, gateway address, and sub-net mask of the first server to be used in the test.
  • A system for testing stateful network communications devices according to an embodiment of the present invention may collect and display statistics for each test performed. Figure 8 is a screen shot illustrating exemplary connection rate data collected by a test system according to an embodiment of the present invention. In Figure 8, the connection rate data includes page requests per second, connections requested per second, concurrent sessions, page failure responses per second, pace responses per second, and connections accepted per second. These and other measurements may be collected, displayed to the user in an easily understood format, and used to evaluate the performance of a device under test.
    • PERFORMANCE COMPARISON
  • A system for testing a stateful network communications device according to the present invention achieves higher performance at a lower cost than conventional systems. Depending on how stateful the device being tested is, and how much of a full TCP stack it implements, there are several alternative means of generating adequate traffic to test the performance limits of the device. Each method presents a tradeoff between cost, complexity and realism. Determining which method is the least expensive acceptable method depends on validating the test results for each method against those obtained with real traffic. As will be seen in Table 3 shown below, a system for testing stateful network communications devices according to the present invention gives better performance per unit cost over conventional test systems. Table 3: TCP Traffic Generation Capabilities for Various Methods
    TCP/Application Capability Traditional Packet Blaster HW-based Stateless Packet Processor SW-based Stateless Packet Processor HW/SW Hybrid Amplified TCP CPU-based Full TCP/IP
    MAC DA/SA (swap) X(1) X X X
    IP DA/SA (swap) X(1) X X X
    TCP src/dst port (swap) X(1) X X X
    TCP control bits (change appropriately) X (1,2) X (2) X (4) X
    TCP Sequence # (compute) X X X
    TCP Dynamic Window Size X (4) X
    TCP Retransmit X (4) X
    Fragmentation (create/reassemble) X (4) X
    HTTP Get Response (static page) X (3) X (4) X
    HTTP Cookie (static request) X X X X X

Claims (9)

  1. A method for testing a stateful network communications device (106), the method characterised in that:
    initiating by a test device a plurality of stateless simulated TCP connections with a device under test (106) without maintaining connection state information within the test device;
    receiving by a programmable stateless packet processor within the test device (ST1) packets from the device under test (106) over the stateless simulated TCP connections; and
    preparing response packets by the programmable stateless packet processor, based on information in the received packets without maintaining connection state information from one received packet to the next.
  2. The method of claim 1 wherein establishing stateless simulated TCP connections with the device under test (106) includes forcing the device under test (106) to add state information to its a connection state table within the device under test.
  3. The method of claim 1 wherein establishing stateless simulated TCP connections with a device under test (106) includes establishing stateless simulated TCP connections with an application server.
  4. The method of claim 1 wherein establishing stateless simulated TCP connections with a device under test (106) includes establishing stateless simulated TCP connections with a server load balancer.
  5. The method of claim 1, wherein preparing response packets includes swapping (ST4) the source and destination addresses in the IP headers of received packets to provide addresses for the IP headers of the corresponding response packets.
  6. The method of claim 5, wherein preparing response packets includes swapping (ST4) the source and destination addresses in the Ethernet header of received packets to provide addresses for the Ethernet headers of the corresponding response packets.
  7. The method of claim 5, wherein preparing response packets includes setting (ST5) code bits in the TCP headers of the response packets based on code bits in the TCP headers of the corresponding received packets.
  8. The method of claim 1, wherein preparing response packets comprises:
    classifying each received packet based on a packet classification table (500) to obtain a packet type identifier;
    determining if response is required based on the packet type identifier and a responses table (502) and, when a response is required, obtaining one or more packet identifiers from the response table (502);
    retrieving, from a packet table (504), one or more packet templates corresponding to the packet identifiers;
    building one or more response packets based on data extracted from the received packet and the packet templates.
  9. The method of claim 1, further comprising:
    establishing additional stateless simulated TCP connections with the device under test (106) until a drop rate on the stateless simulated TCP connections exceeds a threshold.
EP10160013.8A 2001-10-01 2002-09-30 Methods and systems for testing stateful network communications devices Expired - Lifetime EP2211270B1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/968,432 US7194535B2 (en) 2001-10-01 2001-10-01 Methods and systems for testing stateful network communications devices
EP02780398A EP1368919B1 (en) 2001-10-01 2002-09-30 Methods and systems for testing stateful network communications devices

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
EP02780398.0 Division 2002-09-30

Publications (3)

Publication Number Publication Date
EP2211270A2 EP2211270A2 (en) 2010-07-28
EP2211270A3 EP2211270A3 (en) 2010-11-24
EP2211270B1 true EP2211270B1 (en) 2013-07-17

Family

ID=25514264

Family Applications (2)

Application Number Title Priority Date Filing Date
EP02780398A Expired - Lifetime EP1368919B1 (en) 2001-10-01 2002-09-30 Methods and systems for testing stateful network communications devices
EP10160013.8A Expired - Lifetime EP2211270B1 (en) 2001-10-01 2002-09-30 Methods and systems for testing stateful network communications devices

Family Applications Before (1)

Application Number Title Priority Date Filing Date
EP02780398A Expired - Lifetime EP1368919B1 (en) 2001-10-01 2002-09-30 Methods and systems for testing stateful network communications devices

Country Status (5)

Country Link
US (2) US7194535B2 (en)
EP (2) EP1368919B1 (en)
AT (1) ATE476705T1 (en)
DE (1) DE60237193D1 (en)
WO (1) WO2003030421A1 (en)

Families Citing this family (76)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030172177A1 (en) * 2001-12-06 2003-09-11 Kersley Ian P. System and method for verifying a device
US7304956B2 (en) * 2002-04-08 2007-12-04 International Business Machines Corporation Extended wrap mode with source/destination wrap
US7177322B2 (en) * 2002-05-28 2007-02-13 International Business Machines Corporation Technique for controlling selection of a peek adapter or a read adapter from multiple adapters connected to a high speed switch
US7161954B2 (en) * 2002-05-28 2007-01-09 International Business Machines Corporation Technique for controlling selection of a write adapter from multiple adapters connected to a high speed switch
WO2003102804A1 (en) * 2002-06-03 2003-12-11 Karl Auerbach Testing device
US7007086B2 (en) * 2002-06-14 2006-02-28 Sun Microsystems, Inc. Method and apparatus for measuring multi-connection performance of a server
US7328237B1 (en) * 2002-07-25 2008-02-05 Cisco Technology, Inc. Technique for improving load balancing of traffic in a data network using source-side related information
JP4324561B2 (en) * 2002-12-16 2009-09-02 ジェミナイ モバイル テクノロジーズ,インコーポレーテッド Stateless message routing (not knowing processing status)
TWI236252B (en) * 2002-12-27 2005-07-11 Hon Hai Prec Ind Co Ltd Apparatus and method for a network testing system
US8539089B2 (en) * 2003-04-23 2013-09-17 Oracle America, Inc. System and method for vertical perimeter protection
US7350213B2 (en) * 2003-06-19 2008-03-25 Sap Ag System and method for dynamic selection of stateless/stateful software components
US7099797B1 (en) 2003-07-08 2006-08-29 Avanza Technologies, Inc. System and method of testing software and hardware in a reconfigurable instrumented network
US7620989B1 (en) * 2004-02-19 2009-11-17 Spirent Communications Inc. Network testing methods and systems
US9584522B2 (en) * 2004-02-26 2017-02-28 Vmware, Inc. Monitoring network traffic by using event log information
WO2005086850A2 (en) * 2004-03-09 2005-09-22 The University Of North Carolina At Chapel Hill Methods, systems, and computer program products for modeling and simulating application-level traffic characteristics in a network based on transport and network layer header information
US7881215B1 (en) * 2004-03-18 2011-02-01 Avaya Inc. Stateful and stateless data processing
US7457317B1 (en) * 2004-05-14 2008-11-25 National Semiconductor Corporation Method and system for using variable-size frame-based events for communicating over an interface
US20060002306A1 (en) * 2004-06-30 2006-01-05 Ronald Brown Failure detection of path information corresponding to a transmission path
US7801127B2 (en) 2004-10-25 2010-09-21 Ineoquest Technologies, Inc. System and method for creating a sequence number field for streaming media in a packet-based networks utilizing internet protocol
US8279886B2 (en) * 2004-12-30 2012-10-02 Intel Corporation Dataport and methods thereof
KR100677425B1 (en) * 2005-01-13 2007-02-02 엘지전자 주식회사 Apparatus and method for checking performance of wireless data network
US7508817B2 (en) * 2005-02-08 2009-03-24 At&T Intellectual Property I, L.P. Method and apparatus for measuring data transport quality over an internet protocol
KR100608136B1 (en) * 2005-02-18 2006-08-08 재단법인서울대학교산학협력재단 Method for improving security performance in stateful inspection of tcp connection
KR100717681B1 (en) * 2005-03-24 2007-05-11 주식회사 케이티프리텔 A system for transmitting the scrambled broadcast-signals in single frequency network, and a method thereof
JP4940464B2 (en) * 2005-09-16 2012-05-30 独立行政法人産業技術総合研究所 Network equipment test equipment
US20070088815A1 (en) * 2005-10-13 2007-04-19 Kenneth Ma Automated setup and test confirmation of dynamic DNS service
US7676713B2 (en) * 2005-10-28 2010-03-09 Integrated Device Technology, Inc. Automated device testing using intertwined stimulus-generation and response validation specifications for managing DUT's that generate out-of-order responses
US8533808B2 (en) * 2006-02-02 2013-09-10 Check Point Software Technologies Ltd. Network security smart load balancing using a multiple processor device
US9137204B2 (en) * 2006-02-02 2015-09-15 Check Point Software Technologies Ltd. Network security smart load balancing
US9166809B2 (en) * 2006-04-03 2015-10-20 Verizon Patent And Licensing Inc. Automated network testing
WO2008053316A2 (en) * 2006-10-30 2008-05-08 Nokia Corporation Method, apparatus and system for testing user equipment functionality
US20080198742A1 (en) * 2007-02-18 2008-08-21 Gideon Kaempfer Method and system for testing stateful network communications devices
US8014994B2 (en) * 2007-08-31 2011-09-06 Sap Ag Simulation business object for service oriented architecture
US8326971B2 (en) * 2007-11-30 2012-12-04 International Business Machines Corporation Method for using dynamically scheduled synthetic transactions to monitor performance and availability of E-business systems
EP2107466A1 (en) * 2008-03-31 2009-10-07 Sony Corporation Electronic device for emulating other electronic devices and method for operating an electronic device
US8549347B1 (en) 2010-12-20 2013-10-01 Amazon Technologies, Inc. Techniques for network replication
US7991008B2 (en) * 2008-06-26 2011-08-02 Dell Products L.P. Method for identifying the transmission control protocol stack of a connection
US20100008248A1 (en) * 2008-07-08 2010-01-14 Barry Constantine Network tester for real-time measuring of tcp throughput
US8767565B2 (en) * 2008-10-17 2014-07-01 Ixia Flexible network test apparatus
US8483073B2 (en) * 2008-12-08 2013-07-09 Advantest Corporation Test apparatus and test method
US8938532B2 (en) 2009-04-08 2015-01-20 The University Of North Carolina At Chapel Hill Methods, systems, and computer program products for network server performance anomaly detection
US7872987B1 (en) 2009-09-21 2011-01-18 Spirent Communications, Inc. Methods and apparatuses for generating network test packets and parts of network test packets
US7933220B2 (en) * 2009-09-21 2011-04-26 Spirent Communications, Inc. Methods and apparatuses for generating network test packets and parts of network test packets
US7869381B1 (en) 2009-09-21 2011-01-11 Spirent Communications, Inc. Methods and apparatuses for generating network test packets and parts of network test packets
US7872988B1 (en) 2009-09-21 2011-01-18 Spirent Communications, Inc. Methods and apparatuses for generating network test packets and parts of network test packets
US9059968B2 (en) * 2009-11-06 2015-06-16 Telefonaktiebolaget L M Ericsson (Publ) Stateless transmission control protocol rendezvous solution for border gateway function
US9430502B1 (en) * 2010-09-10 2016-08-30 Tellabs Operations, Inc. Method and apparatus for collecting and storing statistics data from network elements using scalable architecture
US8819245B2 (en) 2010-11-22 2014-08-26 Ixia Processor allocation for multi-core architectures
US8572260B2 (en) * 2010-11-22 2013-10-29 Ixia Predetermined ports for multi-core architectures
US8649275B2 (en) * 2011-01-19 2014-02-11 Ixia Fast SSL testing using precalculated cryptographyc data
JP5729209B2 (en) * 2011-08-12 2015-06-03 富士通株式会社 Information processing apparatus, information processing system test method, and program
US8456999B2 (en) 2011-08-18 2013-06-04 Spirent Communications, Inc. Methods and apparatuses for enhanced transmission selection-capable simulated traffic generation
US8717925B2 (en) * 2011-12-22 2014-05-06 Ixia Testing TCP connection rate
US8743735B1 (en) * 2012-01-18 2014-06-03 Cadence Design Systems, Inc. Emulation system for verifying a network device
US9292397B1 (en) * 2012-05-14 2016-03-22 Netload, Inc. Light-weight method and apparatus for testing network devices and infrastructure
GB2508598A (en) * 2012-12-04 2014-06-11 Ibm Splitting the processing logic of a distributed application page between client and server
US9794130B2 (en) 2012-12-13 2017-10-17 Coriant Operations, Inc. System, apparatus, procedure, and computer program product for planning and simulating an internet protocol network
US9559961B1 (en) * 2013-04-16 2017-01-31 Amazon Technologies, Inc. Message bus for testing distributed load balancers
US9686175B2 (en) * 2014-01-24 2017-06-20 Ixia Methods, systems, and computer readable media for testing network devices using simulated application traffic
US9521083B2 (en) 2014-01-27 2016-12-13 Anue Systems, Inc. Traffic differentiator systems for network devices and related methods
US9832084B2 (en) 2014-01-27 2017-11-28 Keysight Technologies Singapore (Holdings) Pte Ltd Traffic differentiator systems for network devices and related methods including automatic port order determination
CA2949397A1 (en) * 2014-05-18 2015-11-26 Kai ZHOU Performance testing system and method
US9811248B1 (en) * 2014-07-22 2017-11-07 Allstate Institute Company Webpage testing tool
CN106470136B (en) * 2015-08-21 2022-04-12 腾讯科技(北京)有限公司 Platform test method and platform test system
DE102015223078A1 (en) * 2015-11-23 2017-05-24 Siemens Aktiengesellschaft Apparatus and method for adjusting authorization information of a terminal
US10353809B2 (en) * 2015-12-01 2019-07-16 Tata Consultancy Services Limited System and method for executing integration tests in multiuser environment
RO132127A2 (en) * 2016-02-15 2017-08-30 Ixia, A California Corporation Methods, system and computerized medium for a testing system connection resiliency
CN111327650A (en) * 2018-12-14 2020-06-23 中兴通讯股份有限公司 Data transmission method, device, equipment and storage medium
US10938706B1 (en) * 2019-09-18 2021-03-02 Cisco Technology, Inc. Systems and methods for providing traffic generation on network devices
US11757750B2 (en) * 2020-04-15 2023-09-12 Level 3 Communications, Llc Traffic amplification for testing of a networking device
US11210206B1 (en) 2020-05-18 2021-12-28 Amazon Technologies, Inc. Spoofing stateful dependencies during software testing
US11567857B1 (en) 2020-05-18 2023-01-31 Amazon Technologies, Inc. Bypassing generation of non-repeatable parameters during software testing
US11360880B1 (en) * 2020-05-18 2022-06-14 Amazon Technologies, Inc. Consistent replay of stateful requests during software testing
US11775417B1 (en) 2020-05-18 2023-10-03 Amazon Technologies, Inc. Sharing execution states among storage nodes during testing of stateful software
US20240015110A1 (en) * 2022-07-06 2024-01-11 Cisco Technology, Inc. Intelligent packet distribution control for optimizing system performance and cost
US11956204B1 (en) * 2022-12-23 2024-04-09 Plume Design, Inc. IPv4-in-IPv6 relaying systems and methods to preserve IPv4 public addresses

Family Cites Families (43)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4343463A (en) * 1979-11-27 1982-08-10 Gradco/Dendoki, Inc. Compact sorter
US5247517A (en) * 1989-10-20 1993-09-21 Novell, Inc. Method and apparatus for analyzing networks
US5657438A (en) * 1990-11-27 1997-08-12 Mercury Interactive (Israel) Ltd. Interactive system for developing tests of system under test allowing independent positioning of execution start and stop markers to execute subportion of test script
JPH06508008A (en) * 1991-06-12 1994-09-08 ヒューレット・パッカード・カンパニー Method and apparatus for testing packet-based networks
EP0528075A1 (en) * 1991-08-19 1993-02-24 ALCATEL BELL Naamloze Vennootschap Performance measurement device for a telecommunication path and method used therein
US5600632A (en) * 1995-03-22 1997-02-04 Bell Atlantic Network Services, Inc. Methods and apparatus for performance monitoring using synchronized network analyzers
US5568471A (en) * 1995-09-06 1996-10-22 International Business Machines Corporation System and method for a workstation monitoring and control of multiple networks having different protocols
US6233256B1 (en) * 1996-03-13 2001-05-15 Sarnoff Corporation Method and apparatus for analyzing and monitoring packet streams
US5905713A (en) * 1996-04-15 1999-05-18 Hughes Electronics Corporation Method and apparatus for analyzing digital multi-program transmission packet streams
US5812780A (en) * 1996-05-24 1998-09-22 Microsoft Corporation Method, system, and product for assessing a server application performance
US5787253A (en) * 1996-05-28 1998-07-28 The Ag Group Apparatus and method of analyzing internet activity
US6279124B1 (en) * 1996-06-17 2001-08-21 Qwest Communications International Inc. Method and system for testing hardware and/or software applications
US5881237A (en) * 1996-09-10 1999-03-09 Ganymede Software, Inc. Methods, systems and computer program products for test scenario based communications network performance testing
US5937165A (en) * 1996-09-10 1999-08-10 Ganymede Software, Inc Systems, methods and computer program products for applications traffic based communications network performance testing
US5838919A (en) * 1996-09-10 1998-11-17 Ganymede Software, Inc. Methods, systems and computer program products for endpoint pair based communications network performance testing
US5974237A (en) * 1996-12-18 1999-10-26 Northern Telecom Limited Communications network monitoring
US6112238A (en) * 1997-02-14 2000-08-29 Webtrends Corporation System and method for analyzing remote traffic data in a distributed computing environment
US6173333B1 (en) * 1997-07-18 2001-01-09 Interprophet Corporation TCP/IP network accelerator system and method which identifies classes of packet traffic for predictable protocols
US6028847A (en) * 1997-07-31 2000-02-22 Hewlett-Packard Company Multiple stream traffic emulator
US6122670A (en) * 1997-10-30 2000-09-19 Tsi Telsys, Inc. Apparatus and method for constructing data for transmission within a reliable communication protocol by performing portions of the protocol suite concurrently
US6108800A (en) * 1998-02-10 2000-08-22 Hewlett-Packard Company Method and apparatus for analyzing the performance of an information system
US6446121B1 (en) * 1998-05-26 2002-09-03 Cisco Technology, Inc. System and method for measuring round trip times in a network using a TCP packet
US6157955A (en) * 1998-06-15 2000-12-05 Intel Corporation Packet processing system including a policy engine having a classification unit
US6360332B1 (en) * 1998-06-22 2002-03-19 Mercury Interactive Corporation Software system and methods for testing the functionality of a transactional server
US6295557B1 (en) * 1998-06-30 2001-09-25 Cisco Technology, Inc. Apparatus for simulating internet traffic
US6363056B1 (en) * 1998-07-15 2002-03-26 International Business Machines Corporation Low overhead continuous monitoring of network performance
US6434513B1 (en) * 1998-11-25 2002-08-13 Radview Software, Ltd. Method of load testing web applications based on performance goal
US6545979B1 (en) * 1998-11-27 2003-04-08 Alcatel Canada Inc. Round trip delay measurement
US6389449B1 (en) * 1998-12-16 2002-05-14 Clearwater Networks, Inc. Interstream control and communications for multi-streaming digital processors
US6397359B1 (en) * 1999-01-19 2002-05-28 Netiq Corporation Methods, systems and computer program products for scheduled network performance testing
US6708224B1 (en) * 1999-01-19 2004-03-16 Netiq Corporation Methods, systems and computer program products for coordination of operations for interrelated tasks
US6507923B1 (en) * 1999-04-19 2003-01-14 I-Tech Corporation Integrated multi-channel fiber channel analyzer
US6601098B1 (en) * 1999-06-07 2003-07-29 International Business Machines Corporation Technique for measuring round-trip latency to computing devices requiring no client-side proxy presence
US6625648B1 (en) * 2000-01-07 2003-09-23 Netiq Corporation Methods, systems and computer program products for network performance testing through active endpoint pair based testing and passive application monitoring
US6763380B1 (en) * 2000-01-07 2004-07-13 Netiq Corporation Methods, systems and computer program products for tracking network device performance
CN1142491C (en) * 2000-01-11 2004-03-17 国际商业机器公司 Frame system and method for testing server performance
US7006963B1 (en) * 2000-03-02 2006-02-28 International Business Machines Corporation Intelligent workstation simulation-simulation at protocol stack level 2
SE0004804L (en) * 2000-12-21 2002-06-22 Ericsson Telefon Ab L M Method and apparatus for data transmission
US20030033406A1 (en) * 2001-06-14 2003-02-13 Rekesh John Apparatus for and a method of network load testing
US6950405B2 (en) * 2001-07-16 2005-09-27 Agilent Technologies, Inc. Traffic stream generator having a non-consecutive addressing mechanism
EP1289212A1 (en) * 2001-08-28 2003-03-05 Lucent Technologies Inc. Electro-optic interface for parallel data transmission
US7010782B2 (en) * 2002-04-04 2006-03-07 Sapphire Infotech, Inc. Interactive automatic-test GUI for testing devices and equipment using shell-level, CLI, and SNMP commands
US7099438B2 (en) * 2002-06-14 2006-08-29 Ixia Multi-protocol, multi-interface communications device testing system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
TUOMAS AURA ET AL: "Stateless connections", PROCEEDINGS OF INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATIONS SECURITY, ICICS'97, 1 November 1997 (1997-11-01), pages 87 - 97, XP055010731 *

Also Published As

Publication number Publication date
EP1368919A4 (en) 2007-05-16
ATE476705T1 (en) 2010-08-15
DE60237193D1 (en) 2010-09-16
EP2211270A2 (en) 2010-07-28
US20070121516A1 (en) 2007-05-31
WO2003030421A1 (en) 2003-04-10
US7496664B2 (en) 2009-02-24
US7194535B2 (en) 2007-03-20
US20030088664A1 (en) 2003-05-08
EP2211270A3 (en) 2010-11-24
EP1368919B1 (en) 2010-08-04
EP1368919A1 (en) 2003-12-10

Similar Documents

Publication Publication Date Title
EP2211270B1 (en) Methods and systems for testing stateful network communications devices
US9191301B2 (en) Real world traffic
US7779133B2 (en) Estimation of web client response time
US9306816B2 (en) System and method for replaying network captures
US9001688B2 (en) Dynamic balancing of a traffic mix for data center device testing
Matthews et al. The PingER project: active Internet performance monitoring for the HENP community
Simpson Jr et al. NETI@ home: A distributed approach to collecting end-to-end network performance measurements
US7827295B2 (en) Protocol stack
US20060029016A1 (en) Debugging application performance over a network
US20060288096A1 (en) Integrated monitoring for network and local internet protocol traffic
Luo et al. Design and Implementation of TCP Data Probes for Reliable and Metric-Rich Network Path Monitoring.
Natarajan et al. SCTP: What, why, and how
US20050283639A1 (en) Path analysis tool and method in a data transmission network including several internet autonomous systems
Zimmermann et al. Flowgrind-a new performance measurement tool
EP2602968B1 (en) Method of data transmission in a wireless network system by optimizing window size scaling of communication protocol
Rüngeler et al. Integration of SCTP in the OMNeT++ simulation environment
US20130151905A1 (en) Testing A Network Using Randomly Distributed Commands
US8687518B1 (en) Automatic address configuration in a network test system
Luo et al. Novel approaches to end-to-end packet reordering measurement
Nikitinskiy et al. Analyzing the possibility of applying asymmetric transport protocols in terms of software defined networks
Rüngeler Sctp-evaluating, improving and extending the protocol for broader deployment
Völker et al. Packet Too Big Detection and its Integration into QUIC
Lundsten Improving 3g performance for the mobile internet
Matoba et al. Capacity dimensioning based on traffic measurement in the Internet
Oltmanns Efficient Employment of Large Format Sensor Data Transfer Architectures

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AC Divisional application: reference to earlier application

Ref document number: 1368919

Country of ref document: EP

Kind code of ref document: P

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LI LU MC NL PT SE SK TR

PUAL Search report despatched

Free format text: ORIGINAL CODE: 0009013

AK Designated contracting states

Kind code of ref document: A3

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LI LU MC NL PT SE SK TR

17P Request for examination filed

Effective date: 20110609

17Q First examination report despatched

Effective date: 20111227

REG Reference to a national code

Ref country code: DE

Ref legal event code: R079

Ref document number: 60245271

Country of ref document: DE

Free format text: PREVIOUS MAIN CLASS: G06F0011340000

Ipc: H04L0012260000

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 12/26 20060101AFI20121126BHEP

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AC Divisional application: reference to earlier application

Ref document number: 1368919

Country of ref document: EP

Kind code of ref document: P

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LI LU MC NL PT SE SK TR

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: IXIA

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: AT

Ref legal event code: REF

Ref document number: 622767

Country of ref document: AT

Kind code of ref document: T

Effective date: 20130815

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 60245271

Country of ref document: DE

Effective date: 20130912

REG Reference to a national code

Ref country code: AT

Ref legal event code: MK05

Ref document number: 622767

Country of ref document: AT

Kind code of ref document: T

Effective date: 20130717

REG Reference to a national code

Ref country code: NL

Ref legal event code: VDEP

Effective date: 20130717

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20131118

Ref country code: BE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130717

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130904

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130717

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130717

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130717

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20131018

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130717

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20131028

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130717

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130717

Ref country code: MC

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130717

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130717

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130717

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130717

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130717

26N No opposition filed

Effective date: 20140422

REG Reference to a national code

Ref country code: IE

Ref legal event code: MM4A

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20130930

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20130930

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20130930

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 60245271

Country of ref document: DE

Effective date: 20140422

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130717

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20130930

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20130717

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 15

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 16

REG Reference to a national code

Ref country code: DE

Ref legal event code: R081

Ref document number: 60245271

Country of ref document: DE

Owner name: KEYSIGHT TECHNOLOGIES SINGAPORE (SALES) PTE. L, SG

Free format text: FORMER OWNER: IXIA, CALABASAS, CALIF., US

Ref country code: DE

Ref legal event code: R082

Ref document number: 60245271

Country of ref document: DE

Representative=s name: MURGITROYD & COMPANY, DE

Ref country code: DE

Ref legal event code: R082

Ref document number: 60245271

Country of ref document: DE

Representative=s name: ISARPATENT - PATENTANWAELTE- UND RECHTSANWAELT, DE

Ref country code: DE

Ref legal event code: R081

Ref document number: 60245271

Country of ref document: DE

Owner name: KEYSIGHT TECHNOLOGIES SINGAPORE (HOLDINGS) PTE, SG

Free format text: FORMER OWNER: IXIA, CALABASAS, CALIF., US

REG Reference to a national code

Ref country code: GB

Ref legal event code: 732E

Free format text: REGISTERED BETWEEN 20171130 AND 20171206

REG Reference to a national code

Ref country code: FR

Ref legal event code: TP

Owner name: KEYSIGHT TECHNOLOGIES SINGAPORE (HOLDINGS) PTE, SG

Effective date: 20180208

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 17

REG Reference to a national code

Ref country code: GB

Ref legal event code: 732E

Free format text: REGISTERED BETWEEN 20181018 AND 20181024

REG Reference to a national code

Ref country code: DE

Ref legal event code: R082

Ref document number: 60245271

Country of ref document: DE

Representative=s name: MURGITROYD & COMPANY, DE

Ref country code: DE

Ref legal event code: R081

Ref document number: 60245271

Country of ref document: DE

Owner name: KEYSIGHT TECHNOLOGIES SINGAPORE (SALES) PTE. L, SG

Free format text: FORMER OWNER: KEYSIGHT TECHNOLOGIES SINGAPORE (HOLDINGS) PTE. LTD., SINGAPORE, SG

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20210812

Year of fee payment: 20

REG Reference to a national code

Ref country code: DE

Ref legal event code: R079

Ref document number: 60245271

Country of ref document: DE

Free format text: PREVIOUS MAIN CLASS: H04L0012260000

Ipc: H04L0043000000

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20210825

Year of fee payment: 20

Ref country code: DE

Payment date: 20210818

Year of fee payment: 20

REG Reference to a national code

Ref country code: DE

Ref legal event code: R071

Ref document number: 60245271

Country of ref document: DE

REG Reference to a national code

Ref country code: GB

Ref legal event code: PE20

Expiry date: 20220929

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: GB

Free format text: LAPSE BECAUSE OF EXPIRATION OF PROTECTION

Effective date: 20220929